const user = require("../../database/user")
const md5 = require("md5");

module.exports = async (req, res, next)=>{
  const {uId, opassword, npassword} = req.body;

  if(req.uId !== uId && req.power !== 0){
    res.send({
      code:4,
      msg:"权限不够"
    })
    return;
  }

  if(!uId || !opassword || !npassword){
    res.send({
      code:3,
      msg:"缺少必传参数：uId 或 opassword 或 npassword"
    })
    return;
  }

  const data = await user.find( {uId} );

  if(data[0].password === md5(opassword)){
    await user.updateOne( {uId} , {password: md5(npassword)})
    res.send({
      code: 1,
      msg:  "密码修改成功"
    })
  }else{
    res.send({
      code: 2,
      msg:  "原密码不对"
    })
  }
}